Key Reinstallation Attacks: Forcing Nonce Reuse in WPA2

Individual Report

  • This piece was written over a year ago. It may no longer accurately reflect my views now, or may be factually outdated.

This essay was written for the Information System Security Management module (SCC.441) of my MSc. It achieved a grade of Distinction.

Abstract

WPA2, the 14-year-old protocol that provides secure Wi-Fi connectivity, the security of which had been formally proven, has been kracked. It has been shown to be fundamentally insecure at a specification level. This translates to different degrees of impact at the implementation level, depending on decisions taken by different vendors. That this attack uses a novel mechanism also suggests that a review of other key-based security protocols may turn up further vulnerable examples. Perhaps most crucially, this attack raises important questions about the writing of standards and access to them. This report shall establish the necessary background knowledge, summarise the findings of Vanhoef & Piessens (2017) and analyse their likely impact in the real world.

Read